🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-22663 | مرتفع | 7.5 |
prompts.chat prior to commit 7b81836 contains multiple authorization bypass vulnerabilities due to missing isPrivate che…
|
— | أبريل 3, 2026 |
| CVE-2026-27655 | مرتفع | 7.3 |
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions Based on M…
|
— | أبريل 3, 2026 |
| CVE-2026-3880 | مرتفع | 7.3 |
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Public Folder Client P…
|
— | أبريل 3, 2026 |
| CVE-2026-3879 | مرتفع | 7.3 |
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Equipment Mailbox Deta…
|
— | أبريل 3, 2026 |
| CVE-2022-4987 | مرتفع | 7.3 |
Hirschmann Industrial HiVision version 08.1.03 prior to 08.1.04 and 08.2.00 contains a vulnerability in the execution of…
|
— | أبريل 3, 2026 |
| CVE-2026-4107 | مرتفع | 7.3 |
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Folder Message Count a…
|
— | أبريل 3, 2026 |
| CVE-2026-28754 | مرتفع | 7.3 |
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Distribution Lists rep…
|
— | أبريل 3, 2026 |
| CVE-2026-28756 | مرتفع | 7.3 |
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions based on D…
|
— | أبريل 3, 2026 |
| CVE-2026-28703 | مرتفع | 7.3 |
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Mails Exchanged Betwee…
|
— | أبريل 3, 2026 |
| CVE-2026-4108 | مرتفع | 7.3 |
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Non-Owner Mailbox Perm…
|
— | أبريل 3, 2026 |
| CVE-2017-20238 | مرتفع | 7.1 |
Hirschmann Industrial HiVision versions 06.0.00 and 07.0.00 prior to 06.0.06 and 07.0.01 contains an improper authorizat…
|
— | أبريل 3, 2026 |
| CVE-2026-5474 | متوسط | 6.3 |
A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFE_MSG_GetSize of the file apps/to_lab/fsw…
|
— | أبريل 3, 2026 |
| CVE-2026-5472 | متوسط | 6.3 |
A flaw has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Th…
|
— | أبريل 3, 2026 |
| CVE-2026-5470 | متوسط | 6.3 |
A security vulnerability has been detected in mixelpixx Google-Research-MCP 1e062d7bd887bfe5f6e582b6cc288bb897b35cf2/ca6…
|
— | أبريل 3, 2026 |
| CVE-2026-5475 | متوسط | 5.5 |
A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFE_SB_TransmitMsg of the file cfe_sb_…
|
— | أبريل 3, 2026 |
| CVE-2017-20233 | متوسط | 5.4 |
Hirschmann HiLCOS products OpenBAT, BAT450, WLC, BAT867 contains a firewall filtering vulnerability that fails to correc…
|
— | أبريل 3, 2026 |
| CVE-2026-5484 | متوسط | 5.3 |
A weakness has been identified in BookStackApp BookStack up to 26.03. Affected is the function chapterToMarkdown of the …
|
— | أبريل 3, 2026 |
| CVE-2026-34511 | متوسط | 5.3 |
OpenClaw before 2026.4.2 reuses the PKCE verifier as the OAuth state parameter in the Gemini OAuth flow, exposing it thr…
|
— | أبريل 3, 2026 |
| CVE-2026-3502 | حرج | 9.8 |
TrueConf Client — CVE-2026-3502
TrueConf Client contains a download of code without integrity check vulnerability. An at…
|
— | أبريل 2, 2026 |
| CVE-2026-3692 | مرتفع | 8.8 |
In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may cr…
|
— | أبريل 2, 2026 |